package Model;

import java.sql.PreparedStatement;
import java.sql.ResultSet;
import DBAccess.DBAccess;

public class Login {

	// logs the user into the system
	// gets the password and userID from the database when email is provided and
	// compares it to the inputted password
	public static int login(String email, String pass) {
		PreparedStatement ps = null;
		ResultSet rs = null;

		new DBAccess();
		if (email == null || pass == null)
			return -1;
		try {
			ps = DBAccess.con
					.prepareStatement("SELECT pword, userID FROM accountdb WHERE email=?");
			ps.setString(1, email);
			rs = ps.executeQuery();

			if (rs.next()) {
				String upass = rs.getString("pword");
				int userID = rs.getInt("userID");
				DBAccess.close(ps, rs);
				if (pass.equals(upass))
					return userID;
				else
					return -1;
			}
		} catch (Exception e) {
			e.printStackTrace();
		}
		return -1;

	}
}
